Securing REST API using custom tokens (stateless, no UI, no cookies, no basic authentication, no OAuth, no login page)

Question

There are lots of guidelines, sample codes that show how to secure REST API with Spring Security, but most of them assume a web client and talk about login page, redirection

Answer 1

I recommend JSON Web Tokens http://jwt.io/ , it's stateless and scalable.

Here is an example project, https://github.com/brahalla/Cerberus